WordPress.com Forums » Topic: Illegal posting on my bloghttps://en.forums.wordpress.com/topic/illegal-posting-on-my-blog
WordPress.com Forums » Topic: Illegal posting on my blogenSun, 02 Aug 2015 23:19:40 +0000http://bbpress.org/?v=1.1-alpha-2539pjad on "Illegal posting on my blog"https://en.forums.wordpress.com/topic/illegal-posting-on-my-blog#post-952531
Sun, 22 Jul 2012 14:06:43 +0000pjad952531@https://en.forums.wordpress.com/Thanks for letting us know about this. We also noticed something suspicious. We have reset the passwords of all affected users and have sent them an email to let them know. If there was any spam posted and not removed before we got there, we also went ahead and cleaned that up.

It is very likely that you were using the same password on WordPress.com that you used elsewhere. Recently, a few large services -- LinkedIn, Yahoo, eHarmony, and Last.fm to name a few -- have suffered well-publicized security breaches that have exposed email addresses and passwords. Although the passwords are usually stored securely, simple passwords can be decrypted or "cracked" in a matter of hours using modern technology.

Hackers gather the lists of email addresses and passwords from these services and then try to use them to access accounts on other popular services, like WordPress.com. If you used the same password multiple places, then your account can be compromised. That is what happened here. We do have measures in place to protect password guessing or "brute force" attacks but in this case, since the password is known beforehand, there is no need for a hacker to guess.

You should have a strong, unique password for every account you have on the internet. We have some more information on selecting a strong password in our Support section, please read through it:

We take security seriously, and are happy to answer any questions you have.

]]>designsimply on "Illegal posting on my blog"https://en.forums.wordpress.com/topic/illegal-posting-on-my-blog#post-951791
Sat, 21 Jul 2012 16:52:33 +0000designsimply951791@https://en.forums.wordpress.com/Thank you for posting about this. We're looking into it now to check everything out and make sure things are secure.
]]>timethief on "Illegal posting on my blog"https://en.forums.wordpress.com/topic/illegal-posting-on-my-blog#post-951769
Sat, 21 Jul 2012 16:28:11 +0000timethief951769@https://en.forums.wordpress.com/Great! There are security tips here > http://en.support.wordpress.com/security/
]]>catharine2 on "Illegal posting on my blog"https://en.forums.wordpress.com/topic/illegal-posting-on-my-blog#post-951768
Sat, 21 Jul 2012 16:27:01 +0000catharine2951768@https://en.forums.wordpress.com/Aha, now I found how to disable post by email and post by voice as well to be really safe.
]]>timethief on "Illegal posting on my blog"https://en.forums.wordpress.com/topic/illegal-posting-on-my-blog#post-951746
Sat, 21 Jul 2012 15:58:07 +0000timethief951746@https://en.forums.wordpress.com/

post by email ... but now I have enabled

Disable it.

]]>catharine2 on "Illegal posting on my blog"https://en.forums.wordpress.com/topic/illegal-posting-on-my-blog#post-951712
Sat, 21 Jul 2012 15:32:00 +0000catharine2951712@https://en.forums.wordpress.com/I don't think I have had post by email activated but now I have enabled and deleted it and changed all passwords. Thanks for all the help.
]]>auxclass on "Illegal posting on my blog"https://en.forums.wordpress.com/topic/illegal-posting-on-my-blog#post-951581
Sat, 21 Jul 2012 13:30:46 +0000auxclass951581@https://en.forums.wordpress.com/A few more suggestions:

The only “hacked” sites I have seen here have been people getting the password somehow to a site so you do want to be careful how you log in and use a tough password.

You should also check to make sure that someone has not added a new user to your site. Problems have also happened when there was more than one Admin. and an Admin left on less than graceful terms.

Dashboard >> Users

There have also been a few Posts on “hacked” sites and it was because someone got the Post by Email address and using the Post by Email to send in new Posts, if you have Post by email disable the Post by Email and regenerate the address. Spammers have scripts the generate email addresses and they sometimes can get a valid address for a Post by Email address.

]]>nandobase on "Illegal posting on my blog"https://en.forums.wordpress.com/topic/illegal-posting-on-my-blog#post-951528
Sat, 21 Jul 2012 11:35:52 +0000nandobase951528@https://en.forums.wordpress.com/It's a spam. You need to deactivate post by email to prevent it from happening again.
]]>ardpete on "Illegal posting on my blog"https://en.forums.wordpress.com/topic/illegal-posting-on-my-blog#post-951506
Sat, 21 Jul 2012 10:47:47 +0000ardpete951506@https://en.forums.wordpress.com/If you undelete the post and set it to private, so only you can see it, staff will be able to have a look at it when they read this thread which I have marked for their attention.

To be on the safe side I would advise changing your password for both your blog and your e-mail address.

]]>catharine2 on "Illegal posting on my blog"https://en.forums.wordpress.com/topic/illegal-posting-on-my-blog#post-951504
Sat, 21 Jul 2012 10:44:09 +0000catharine2951504@https://en.forums.wordpress.com/somebody else has posted on my blog under my name, I have deleted that posting which was about making money on the internet
Blog url: http://catharine2.wordpress.com/
]]>